Adding SSH keys for virtual machines
Use of SSH keys allows you to secure SSH access to virtual machines. You can generate a key pair on a client from which you will connect to VMs via SSH. The private key will be stored on the client and you will be able to copy it to other nodes. The public key will need to be uploaded to Virtuozzo Hybrid Infrastructure and specified during VM creation. It will be injected into the VM by cloud-init and used for OpenSSH authentication. Keys injection is supported for both Linux and Windows virtual machines.
Limitations
- You can specify an SSH key only if you deploy a VM from a template or boot volume (not an ISO image).
- If a key has been injected into one or more VMs, it will remain inside those VMs even if you delete it from the panel.
Prerequisites
- The
cloud-init
utility and OpenSSH Server are installed in a VM template or boot volume, as instructed in Preparing templates.
To add a public key
Admin panel
-
Generate an SSH key pair on a client by using the
ssh-keygen
utility:# ssh-keygen -t rsa
- On the Compute > Virtual machines > SSH keys tab, click Add key.
-
In the Add SSH key window, specify a key name and copy the key value from the generated public key located in /root/.ssh/id_rsa.pub. Optionally, you can add a key description.
A description should not contain any personally identifiable information or sensitive business data.
Command-line interface
-
Generate an SSH key pair on a client by using the
ssh-keygen
utility:# ssh-keygen -t rsa
-
Upload the public key to the compute cluster. For example, to create a public SSH key called
mykey
, run:# vinfra service compute key create --public-key /root/.ssh/id_rsa.pub mykey
The new SSH key will appear in the vinfra service compute key list
output:
# vinfra service compute key list +-------+-------------+----------------------------------+ | name | description | created_at | +-------+-------------+----------------------------------+ | mykey | | 2021-06-15T12:24:27.814043+00:00 | +-------+-------------+----------------------------------+
To delete a public key
Admin panel
- On the Compute > Virtual machines > SSH keys tab, select the SSH key you want to delete, and then click Delete.
- Click Delete in the confirmation window.
If this key has been injected into one or more virtual machines, it will remain inside those virtual machines.
Command-line interface
Use the following command:
vinfra service compute key delete <ssh-key>
<ssh-key>
- SSH key name
For example, to delete the SSH key mykey
, run:
# vinfra service compute key delete mykey